jsing [Wed, 22 Feb 2023 06:00:24 +0000 (06:00 +0000)]
Adjust parentheses in mont->ri assignment.
Requested by tb@
jsing [Wed, 22 Feb 2023 05:57:19 +0000 (05:57 +0000)]
Replace bn_sub_part_words() with bn_sub().
Now that bn_sub() handles word arrays with potentially different lengths,
we no longer need bn_sub_part_words() - call bn_sub() instead. This allows
us to entirely remove the unnecessarily complex bn_sub_part_words() code.
ok tb@
jsing [Wed, 22 Feb 2023 05:46:37 +0000 (05:46 +0000)]
Rework bn_add()/bn_sub() to operate on word arrays.
Rather than working on BIGNUMs, change bn_add()/bn_sub() to operate on word
arrays that potentially differ in length. This matches the behaviour of
s2n-bignum's bignum_add() and bignum_sub().
ok tb@
jsing [Wed, 22 Feb 2023 05:25:47 +0000 (05:25 +0000)]
Rewrite and simplify BN_MONT_CTX_set()
OpenSSL commit
4d524040bc8 changed BN_MONT_CTX_set() so that it computed
a 64 bit N^-1 on both BN_BITS2 == 32 and BN_BITS2 == 64 platforms. However,
the way in which this was done was to duplicate half the code and wrap it
in #ifdef.
Rewrite this code to use a single code path on all platforms, with #ifdef
being limited to setting an additional word in the temporary N and storing
the result on BN_BITS2 == 32 platforms. Also remove stack based BIGNUM in
favour of using the already present BN_CTX.
ok tb@
djm [Wed, 22 Feb 2023 03:56:43 +0000 (03:56 +0000)]
fix progressmeter corruption on wide displays; bz3534
feedback/ok dtucker@
jmc [Tue, 21 Feb 2023 19:49:50 +0000 (19:49 +0000)]
adress -> address;
tb [Tue, 21 Feb 2023 17:06:52 +0000 (17:06 +0000)]
rpki-client: refactor manifest/crl parsing a bit
Now that we always try to load the CRL from both locations, we can deal
with loading the DER directly in proc_parser_mft_pre(), so shuffle the
code around to accomplish that. This should make an upcoming diff by
claudio a bit simpler.
ok claudio
deraadt [Tue, 21 Feb 2023 16:26:57 +0000 (16:26 +0000)]
hppa does some weird callgate stuff, so the pinsyscall() provides the
wrong address to the kernel. disable for now.
deraadt [Tue, 21 Feb 2023 16:21:40 +0000 (16:21 +0000)]
dlfcn/init.c
mbuhl [Tue, 21 Feb 2023 15:45:40 +0000 (15:45 +0000)]
spelling.
ok jmc
deraadt [Tue, 21 Feb 2023 14:46:41 +0000 (14:46 +0000)]
Do pinsyscall() after static libc is configured for errno storage.
deraadt [Tue, 21 Feb 2023 14:42:25 +0000 (14:42 +0000)]
pinsyscall(2) is not just for dynamic binaries anymore, so make the
text more generic
deraadt [Tue, 21 Feb 2023 14:41:51 +0000 (14:41 +0000)]
In static binaries, if WEAK execve can be found, use pinsyscall(2) to
tell the kernel where the execve stub is found. With this mechanism
we cannot tell the size, so use 128 as an estimate for the most we expect
from any architecture.
discussed with kettenis, ok guenther
deraadt [Tue, 21 Feb 2023 14:39:35 +0000 (14:39 +0000)]
create a stub for pinsyscall(2)
ok guenther
deraadt [Tue, 21 Feb 2023 14:31:07 +0000 (14:31 +0000)]
for process kills due to execve from non-pinned syscall address, export
a new AEXECVE bit to acct(4), and print it in lastcomm(8)
ok bluhm
bcallah [Tue, 21 Feb 2023 13:42:59 +0000 (13:42 +0000)]
Attach Apollo Lake HD Audio device, enabling audio on machines with it.
ok jsg@ phessler@
kn [Tue, 21 Feb 2023 12:56:50 +0000 (12:56 +0000)]
Have disk and string list helpers print trailing newlins consistently
In practise, omitting \n is pointless in get_*devs*(), addel() and rmel()
as they are all all used in such a way that the shell always ensures a
trailing \n anyway.
(This might have been needed with the old recursive bsort(), but not now.)
The one exception being the case of a ramdisk with no disks, which revealed
\n mishandling in the root disk question where it ought to print "none"
instead of an empty list of available disks (since inception in r1.1114):
Available disks are: .
Which disk is the root disk? ('?' for details) ?
OK afresh1
tb [Tue, 21 Feb 2023 12:24:39 +0000 (12:24 +0000)]
perlasm: properly spell .rodata for macOS on intel
ok jsing
bcook [Tue, 21 Feb 2023 12:20:22 +0000 (12:20 +0000)]
remove extra argument
ok tb@
job [Tue, 21 Feb 2023 11:13:05 +0000 (11:13 +0000)]
Check all possible storage areas for a matching CRL
This change makes proc_parser_mft_pre() -> parse_load_crl_from_mft()
search in both DIR_TEMP and DIR_VALID for a CRL with a matching SHA256
hash, increasing our chances of constructing a full publication point.
With and OK tb@ claudio@
tb [Tue, 21 Feb 2023 10:18:47 +0000 (10:18 +0000)]
rpki-client: ensure there is no trailing garbage in signed objects
The d2i functions are designed in such a way that the caller is responsible
to check if the entire buffer was consumed. Add checks on deserializing a
signed object to ensure the entire file has been consumed. Reject the file
if it has trailing garbage.
found by & ok job, ok claudio
jmc [Tue, 21 Feb 2023 07:47:24 +0000 (07:47 +0000)]
some nameserver proposal bits:
unwind.8: point to resolvd(8) for autoconf sources
unwind.conf.5: order preferred list by order of preference
resolvd.8: reformat to read better
route.8: no need to discuss unwind in the nameserver command
umb.4 + sppp.4: note the sending of nameserver proposals
the umb/sppp text is from claudio
tobhe confirmed iked sending proposals when configured to do so
much assistance and ok: florian claudio
dtucker [Tue, 21 Feb 2023 06:48:18 +0000 (06:48 +0000)]
fseek to end of known_hosts before writing to it. POSIX and ANSI C
require that applications call fseek or similar between read and writing
to a RW file. OpenBSD doesn't enforce this, but some (System V derived)
platforms need this to prevent it from writing a spurious extra byte (in
this case, a newline). ok djm@ deraadt@
jsing [Tue, 21 Feb 2023 05:58:08 +0000 (05:58 +0000)]
Unifdef MONT_WORD.
It does not make sense to use code that is slower, currently broken and
prevents the use of assembly Montgomery implementations.
This is the result of `unifdef -m -DMONT_WORD`, followed by some manual
clean up and the removal of the Ni bignum from BN_MONT_CTX (which was only
used in the non-MONT_WORD case).
ok miod@ tb@
deraadt [Tue, 21 Feb 2023 05:06:51 +0000 (05:06 +0000)]
sync
gkoehler [Tue, 21 Feb 2023 04:49:43 +0000 (04:49 +0000)]
Set the current pmap in macppc's pmap_activate
This fixes a possible freeze in execve(2). It sometimes froze when a
dual-cpu macppc started daemons during boot. There is a chance that
uvm_map.c uvmspace_exec sees ovm->vm_refcnt != 1 and switches curproc
to a new pmap. If this happened, then execve froze by trying to
copyout to the wrong pmap; curpcb->pcb_pm was old. Fix by setting
pointers when uvmspace_exec calls pmap_activate.
ok miod@
deraadt [Tue, 21 Feb 2023 04:08:50 +0000 (04:08 +0000)]
sync
afresh1 [Tue, 21 Feb 2023 02:20:35 +0000 (02:20 +0000)]
Remove conflict markers from perl tests
This is upstream PR 28103 https://github.com/Perl/perl5/pull/20813
Requested by stsp@ for quality of life improvments for Game of Trees users.
deraadt [Tue, 21 Feb 2023 02:13:27 +0000 (02:13 +0000)]
correct parameter type
afresh1 [Tue, 21 Feb 2023 02:11:03 +0000 (02:11 +0000)]
Don't install DebugWrap.1 manpage
It's from a test file and should never have been installed.
Noticed by xse in #openbsd on libera.chat
jmc [Mon, 20 Feb 2023 16:08:37 +0000 (16:08 +0000)]
sndiod(8) is the audio daemon now; from david demelier
krw [Mon, 20 Feb 2023 14:16:59 +0000 (14:16 +0000)]
Rework/modernize verbiage in the "AUTOMATIC DISK ALLOCATION" and
"EXAMPLES" sections. Build tables with 'Bd -column' instead of
tabs inside 'Bl -literal'. Columns now line up (more or less) in
text, .pdf and .html versions.
Prompted by kn@, feedback & suggestions from jmc@ and schwarze@.
miod [Mon, 20 Feb 2023 11:31:16 +0000 (11:31 +0000)]
Rewrite the ROM walk logic to correctly iterate over non-STI ROMs (and skip
them), such as x86 bios ROMs.
miod [Mon, 20 Feb 2023 09:08:47 +0000 (09:08 +0000)]
Wrap all printf calls in sti_check_rom() in order to automagically cope with
ROM enable/disable; makes addition of debug code more fool-proof. NFC (yet)
kn [Mon, 20 Feb 2023 01:55:41 +0000 (01:55 +0000)]
Disable strict bourne shell mode to get ksh behaviour in (S)hell
Enable features like arithmatic expression and thus make the debug aid
`FUNCS_ONLY=1 . /install.sub' work in those prompts.
'!' answers spawn their own ksh process, but (S)hell drops into /.profile
sourced by /bin/sh executed by init(8), i.e. a korn shell defaulting to
strict bourne shell mode.
Shell options in this interactive parent shell do not effect install.sub
aka. /install, /autoinstall and /upgrade as it is executed in a child.
OK afresh1
gnezdo [Mon, 20 Feb 2023 00:51:57 +0000 (00:51 +0000)]
Adjust inline !libc check to match the intent in ld.so
right, deraadt@
patrick [Mon, 20 Feb 2023 00:01:16 +0000 (00:01 +0000)]
Unbreak RAMDISK build by adding a check for MULTIPROCESSOR.
kn [Sun, 19 Feb 2023 23:46:22 +0000 (23:46 +0000)]
Improve media disk question default
Sets on an unmounted disk partition are most likely to be on install media,
e.g. CD or USB stick.
Default 'Which disk contains the install media?' to the first disk that is
a) not the root disk and b) not a disk with softraid chunks (hosting the
root disk, for example).
This makes it point at the right disk in most setups.
All disks remain valid answers, this is only about the default.
OK afresh1
aisha [Sun, 19 Feb 2023 21:33:38 +0000 (21:33 +0000)]
auth_getchallenge does not exist anymore
anton [Sun, 19 Feb 2023 18:46:46 +0000 (18:46 +0000)]
Make pinsyscall(2) always available for pledged processes. Needed by pledge
execpromises, as noted by regress/sys/kern/pledge/execpromise.
sure deraadt@
robert [Sun, 19 Feb 2023 17:29:49 +0000 (17:29 +0000)]
+openbsd-74-syspatch.pub
robert [Sun, 19 Feb 2023 17:28:46 +0000 (17:28 +0000)]
add 7.4 syspatch public key
kettenis [Sun, 19 Feb 2023 17:16:13 +0000 (17:16 +0000)]
Add support for deep(er) idle states that can be entered using PSCI. For
now this only supports states advertised in device trees, but ACPI support
could be added as well. The parsing of the idle states as well as the
heuristic to pick the deepest one is probably a bit to simple, but more
complex cases can be added later. Worst case cores will use WFI and use
more power in suspend.
ok phessler@
deraadt [Sun, 19 Feb 2023 17:10:38 +0000 (17:10 +0000)]
describe what qcow2 is, in sufficient simple terms
tb [Sun, 19 Feb 2023 15:45:14 +0000 (15:45 +0000)]
Move BN_MONT_CTX back to bn_local.h for now. It's still used by bn_exp.c
deraadt [Sun, 19 Feb 2023 15:35:22 +0000 (15:35 +0000)]
sync
naddy [Sun, 19 Feb 2023 15:19:38 +0000 (15:19 +0000)]
7.4 packages key
sdk [Sun, 19 Feb 2023 14:37:54 +0000 (14:37 +0000)]
Remove non-existent make targets from ports(7) and bsd.port.mk(5)
Removed from ports(7):
- describe, homepage-links, (un)link-categories, unlink-categories
Removed from bsd.port.mk(5):
- (un)link-categories
OK op@
jsing [Sun, 19 Feb 2023 13:51:00 +0000 (13:51 +0000)]
Rewrite BN_MONT_CTX_set_locked()
Rewrite and simplify BN_MONT_CTX_set_locked - in particular, only hold the
lock for a short period of time, rather than holding a write lock for a
module across an expensive operation.
ok tb@
jsing [Sun, 19 Feb 2023 13:44:29 +0000 (13:44 +0000)]
First pass clean up of bn_mont.c.
Use calloc() rather than malloc() with manual initialisation of all struct
members to zero, use memset() instead of manually initialising all struct
members to zero, use consistent naming, use BN_free() instead of
BN_clear_free() (since it is the same thing).
ok tb@
jsing [Sun, 19 Feb 2023 13:33:23 +0000 (13:33 +0000)]
Move BN_MONT_CTX_copy().
jsing [Sun, 19 Feb 2023 13:27:49 +0000 (13:27 +0000)]
Move struct bn_mont_ctx_st from bn_local.h to bn_mont.c.
No code outside of bn_mont.c needs access to it.
ok tb@
stsp [Sun, 19 Feb 2023 12:23:27 +0000 (12:23 +0000)]
Do not let the iwx init task run in parallel to wakeup code during resume.
The driver will resume in the ACPI thread and run code to wake the device.
If a firmware error occurs then the init task will be scheduled and could
then run in parallel to the wakeup code. This would lead to panics as the
init task ran while we were not yet done with device initialization.
To prevent this problem we now grab the rwlock during wakeup, the same
lock which is used to prevent races between the init task and ioctls.
Problem found by mvs@, who also suggested the fix implemented here and
tested the changes.
ok mvs@
anton [Sun, 19 Feb 2023 10:40:34 +0000 (10:40 +0000)]
Disable tests using the preferred bsd.regress.mk technique.
deraadt [Sat, 18 Feb 2023 21:29:55 +0000 (21:29 +0000)]
sync
deraadt [Sat, 18 Feb 2023 18:50:15 +0000 (18:50 +0000)]
7.4 base key
claudio [Sat, 18 Feb 2023 18:07:38 +0000 (18:07 +0000)]
Missing space
miod [Sat, 18 Feb 2023 15:22:40 +0000 (15:22 +0000)]
Fix possibly uninitialized variable in editor_allocspace(); ok krw@
dv [Sat, 18 Feb 2023 14:32:02 +0000 (14:32 +0000)]
acpipwrres(4): remove unused aml_value's.
ok kettenis@
jmc [Sat, 18 Feb 2023 13:46:40 +0000 (13:46 +0000)]
missing dot before macro; from josiah frentsos
miod [Sat, 18 Feb 2023 08:52:39 +0000 (08:52 +0000)]
Put explicit ULL suffix to constants which won't fit in 32 bits.
deraadt [Sat, 18 Feb 2023 01:22:50 +0000 (01:22 +0000)]
Lookup the start,len of the "execve" stub in libc.so, and tell the kernel
where it is with pinsyscall(). In non-static binaries, kernel execve(2)
will now insist upon being called from that small region. Arriving from
a different region smells like ROP methodology, and the process is killed.
deraadt [Fri, 17 Feb 2023 18:08:32 +0000 (18:08 +0000)]
Validate execve() libc stub location if kernel knows it. (due to ld.so
telling the kernel with pinsyscall(2)
deraadt [Fri, 17 Feb 2023 18:02:07 +0000 (18:02 +0000)]
Do not need KTRC_CODE__SYSCALL in the ktrace files anymore, because
__syscall() was removed.
deraadt [Fri, 17 Feb 2023 18:01:26 +0000 (18:01 +0000)]
KTRC_CODE__SYSCALL is never set anymore, because __syscall() is gone.
miod [Fri, 17 Feb 2023 18:00:35 +0000 (18:00 +0000)]
Remove redundant assignment; ok millert@
miod [Fri, 17 Feb 2023 18:00:11 +0000 (18:00 +0000)]
Only compile _ng_print() #ifdef DEBUG_NG; ok millert@
miod [Fri, 17 Feb 2023 17:59:36 +0000 (17:59 +0000)]
Remove unused variables; ok millert@
job [Fri, 17 Feb 2023 14:52:06 +0000 (14:52 +0000)]
Update AUTHORS section
job [Fri, 17 Feb 2023 13:26:18 +0000 (13:26 +0000)]
Use %R technical report macro for RFCs
jsg [Fri, 17 Feb 2023 08:01:03 +0000 (08:01 +0000)]
spelling
ok mglocker@
jsing [Fri, 17 Feb 2023 05:46:57 +0000 (05:46 +0000)]
Provide optimised versions of bn_addw() and bn_subw() for aarch64.
jsing [Fri, 17 Feb 2023 05:30:20 +0000 (05:30 +0000)]
Remove now unused tangle of mul*/sqr* and BN_UMULT_* macros.
No, I'm not trying to overwhelm you... however, we really no longer need
this clutter.
ok tb@
jsing [Fri, 17 Feb 2023 05:13:34 +0000 (05:13 +0000)]
Reimplement bn_sqr_comba{4,8}().
Use bignum primitives rather than the current mess of macros.The sqr_add_c
macro gets replaced with bn_mulw_addtw(), while the sqr_add_c2 macro gets
replaced with bn_mul2_mulw_addtw().
The variables in the comba functions have also been reordered, so that the
patterns are easier to understand - the compiler can take care of
optimising the inputs and outputs to avoid register moves.
ok tb@
dtucker [Fri, 17 Feb 2023 04:22:50 +0000 (04:22 +0000)]
Remove now-unused compat bit SSH_BUG_RSASIGMD5. The code to set this
was removed in OpenSSH 7.7 when support for SSH implementations dating
back to before RFC standardization were removed. "burn it all" djm@
dtucker [Fri, 17 Feb 2023 03:06:18 +0000 (03:06 +0000)]
Remove now-unused compat bit SSH_BUG_BIGENDIANAES. This was
previously set for OpenSSH 2.3 (released in 2000) but this check
was removed in OpenSSH 7.7 (2018). ok djm@ deraadt@
jmc [Thu, 16 Feb 2023 20:33:07 +0000 (20:33 +0000)]
- remove a leftover .El
- escape "An" as this is also a macro
miod [Thu, 16 Feb 2023 20:32:39 +0000 (20:32 +0000)]
Remove obsolete __HAVE_VM_PAGE_MD define - all platforms provide vm_page_md
those days, and nothing checks for that symbol anymore.
job [Thu, 16 Feb 2023 20:06:15 +0000 (20:06 +0000)]
Update references in STANDARDS section to use Rs blocks
Also drop largely irrelevant references like IPv6 and CIDR
(as we didn't reference IPv4 either), remove obsoleted RFCs and add
their successors.
kn [Thu, 16 Feb 2023 18:10:28 +0000 (18:10 +0000)]
Rewrite bsort() from hand-rolled recursive to simpler iterative reusing code
ksh(1) can sort itself and addel() ensures uniqueness, so reuse both to get
a much simpler shell version of `sort -u' that is bug-for-bug compatible
with the old one but shorter and easier to tweak/reason about.
OK afresh1
kettenis [Thu, 16 Feb 2023 14:44:48 +0000 (14:44 +0000)]
Enable dwqe(4).
kettenis [Thu, 16 Feb 2023 14:43:53 +0000 (14:43 +0000)]
Fix MAC address register offsets.
ok patrick@
tb [Thu, 16 Feb 2023 14:34:34 +0000 (14:34 +0000)]
Revert r1.63.
GEN_OTHERNAME is the type of a GENERAL_NAMES, not of a DIST_POINT_NAME,
which needs naked numbers as there is no enum nor defines describing it.
claudio agrees
job [Thu, 16 Feb 2023 14:25:27 +0000 (14:25 +0000)]
Add missing RFC 6487 section 4.8.6 CRLDP compliance checks
OK tb@ claudio@
jsing [Thu, 16 Feb 2023 11:13:05 +0000 (11:13 +0000)]
Enable s2n-bignum word_clz() on amd64.
The BN_num_bits_word() function is a hot path, being called more than
80 million times during a libcrypto regress run. The word_clz()
implementation uses five instructions to do the same as the generic code
that uses more than 60 instructions.
Discussed with tb@
jsing [Thu, 16 Feb 2023 10:58:06 +0000 (10:58 +0000)]
Use bn_addw() in bn_mulw(), rather than duplicating add with carry code.
jsing [Thu, 16 Feb 2023 10:54:20 +0000 (10:54 +0000)]
Change include from _internal_s2n_bignum.h to s2n_bignum_internal.h.
jsing [Thu, 16 Feb 2023 10:53:18 +0000 (10:53 +0000)]
Include the ISC license from s2n-bignum's LICENSE file.
jsing [Thu, 16 Feb 2023 10:51:58 +0000 (10:51 +0000)]
Bring in word_clz.S from s2n-bignum for amd64.
jsing [Thu, 16 Feb 2023 10:41:03 +0000 (10:41 +0000)]
Rename bn_umul_hilo() to bn_mulw().
This keeps the naming consistent with the other bignum primitives that have
been recently introduced. Also, use 1/0 intead of h/l (e.g. a1 instead of
ah), as this keeps consistency with other primitives and allows for naming
that works with double word, triple word and quadruple word inputs/outputs.
Discussed with tb@
tb [Thu, 16 Feb 2023 10:18:59 +0000 (10:18 +0000)]
zap stray empty line
dtucker [Thu, 16 Feb 2023 10:10:00 +0000 (10:10 +0000)]
Remove SSH_BUG_PASSWORDPAD compat bit since it's no longer used.
ok markus@
jsing [Thu, 16 Feb 2023 10:02:02 +0000 (10:02 +0000)]
Add missing masks to accumulator version of bn_umul_hilo()
claudio [Thu, 16 Feb 2023 08:54:47 +0000 (08:54 +0000)]
regen
claudio [Thu, 16 Feb 2023 08:53:16 +0000 (08:53 +0000)]
utrace(2) can run without kernel lock. Now ktruser() will take the
lock only when needed.
OK miod@ cheloha@
claudio [Thu, 16 Feb 2023 08:50:57 +0000 (08:50 +0000)]
Like other ktrace functions make ktruser() callable without kernel lock
by takeing the lock around ktrwrite2().
OK miod@ cheloha@
tb [Thu, 16 Feb 2023 08:38:17 +0000 (08:38 +0000)]
libressl *_namespace.h: adjust *_ALIAS() to require a semicolon
LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h
fix suggested by & ok jsing
dtucker [Thu, 16 Feb 2023 07:55:15 +0000 (07:55 +0000)]
Remove SSH_BUG_IGNOREMSG compat flag since it's only applicable to SSH1
and thus no longer used. ok markus@ "kill it with fire" djm@
deraadt [Thu, 16 Feb 2023 05:38:24 +0000 (05:38 +0000)]
sync
deraadt [Thu, 16 Feb 2023 04:43:54 +0000 (04:43 +0000)]
Document pinsyscall(2). The ld.so and kernel enforcement code is not
commited ye -- waiting for enough people to run kernels which support
the system call.
ok jmc